Try as I might, I can’t shake the feeling that 2014 is the year we lose the Web. The W3C push for DRM in all browsers is going to ensure that all interfaces built in HTML5 (which will be pretty much everything) will be opaque to users, and it will be illegal to report on security flaws in them (because reporting a security flaw in DRM exposes you to risk of prosecution for making a circumvention device), so they will be riddled with holes that creeps, RATters, spooks, authoritarians and crooks will be able to use to take over your computer and fuck you in every possible way.

While I am quite frequently in agreement with Cory, I'm at least marginally more optimistic than he is about the eventual result here. Putting DRM into HTML is monumentally stupid, and he's right that it will create massive security and legal liabilities for almost everyone. But the history of DRM has shown, over and over again, that it gets broken to bits in minutes once released, and even if there is legal liability involved in such things, it always happens. It will happen again here, and there will be "patches" made pretty quickly. It will be a tremendous waste of resources on pretty much everyone's part, but I'm not convinced that it will be effective in making things that much more unsafe.

That said, the larger point that Cory raises reminds me of the key point that I'm still at a loss to understand here. Why the W3C and others who support this proposal seem to be so willing to kowtow to Hollywood on this. Yes, as Cory explains, it's really Netflix driving the bus here, but it's the Hollywood studios that are out there telling Netflix they need DRM:

And it’s basically all being driven by Netflix. Everyone in the browser world is convinced that not supporting Netflix will lead to total marginalization, and Netflix demands that computers be designed to keep secrets from, and disobey, their owners (so that you can’t save streams to disk in the clear).

But here's the thing: the internet wasn't built to be the next broadcast medium for big Hollywood blockbusters. It was built as a computing and communications platform. That's what made it special and it's why so many people have flocked to it. It's why it's "the internet." Hollywood came late to the party and has been trying to redesign the web in its own image ever since -- and that means locking it down so it's more about a broadcasting model, in which the "professionals" in Hollywood get to determine what you, the peons, get to do.

But there's a reason Hollywood so desperately wants to control the internet: because all the people are here. And that's an important point. Hollywood (and, by extension, Netflix) need the internet much more than the internet needs Hollywood. Sure, the Hollywood folks like to claim that the reason the internet is so popular is because of professional content, but there's little to no evidence to support that. Yes, people like to have access to that content, but it's never been the driving force for why people want to be online.

And we've seen this game before. The record labels demanded DRM from online music stores for years... until they realized that this was a complete waste of time and money for no benefit. And they finally agreed to what the public wanted: no DRM. There's no reason for the W3C to make this same mistake. The studios and Netflix can resist all they want. They can stick with their proprietary Silverlight players no matter how annoying and technologically backwards they might be. But, in the end, they'll come around to better, more open technologies like HTML5 because that's where the people are and that's what the people want.

So, the W3C has a serious choice to make here, and it's been betting on the wrong horse. Sure, Netflix will resist HTML5 for a while. Because that's what it feels it needs to do. But it won't last. Because it can't. History has shown over and over again that companies will eventually follow the will of the public and it will happen again here. There's no reason to go through a stupid, shortsighted and wasteful process of DRMing everything, only to see it cracked and broken within hours of being launched. Just drop the DRM, focus on building a system that better provides what the public wants... and Hollywood and Netflix will get there eventually as well.

Re: Google/Netflix

That quote is copyright DC Entertainment/Warner Bros. Studios and will be DRM'd shortly. You will need to provide proof of ownership of The Dark Knight in order to read said quote. Thank you for your cooperation!

Re: Re: Google/Netflix

You might think you just made a joke, but it was a real feature of one of the original hypertext proposals, Project Xanadu.

"The Xanadu system would, for example, contain only one copy of a particular novel. Anyone quoting from that novel in an essay would “transclude” the relevant passage; [...] publishers posting documents into Xanadu would be able to specify a tiny payment (a micropayment) that would be charged to anyone viewing part of the document." (source: http://www.economist.com/node/442985).

If the internet dies now, we're looking at a large-scale economic collapse. All businesses are reliant upon it now; to suddenly ruin that in the way Cory postulates would to be bomb everyone back into the stone age. Can you even begin to imagine the backlash that would come from that?

Re:

I think by "the internet dying," what is meant is that it will become a completely commercial, locked-down network. Commerce would still happen, but little would remain of what makes the internet wonderful.

Of such a thing came to pass, what would happen is that we'd create a replacement and the next cycle would begin.

Re: Re:

I'm not sure commerce could happen if the internet was locked down. All the permanent security holes that would open up would make it too dangerous for conducting business. But yeah, you're probably right in that someone would just invent a new internet and everyone would just migrate to it.

Re: Re: Re:

The Internet of ten years ago was full of holes compared to today's Internet, yet commerce still happened on it. You underestimate the tolerance businesses have to bug-riddled systems. Just read http://thedailywtf.com/ for a few days and you'll see.

When the DRM introduces so many security flaws that all of our personal data is stolen by everyone with nefarious intent, can we hold the MPAA responsible and sue them out of existence once and for all?

Re:

When the DRM introduces so many security flaws that all of our personal data is stolen by everyone with nefarious intent, can we hold the MPAA responsible and sue them out of existence once and for all?

Not just security flaws, but loss of legitimate access to the data along with illegitimate access by everyone with nefarious intent. You can't get access to your own data (or the data you licensed legitimately,) because you are following the rules, but anyone who isn't can.

And don't get me started on crappy hardware DRM from vendors who don't want to compete with their older products (grumble, grumble, $450+ 3-year-old ASUS tf101, grumble, encrypted boot-loader, grumble, grumble. Never again!)

People will network

Pre-internet saw the rise of the BBS - where people wanted to share files, and did so with NO central oversight. BBS phone numbers were freely copied and shared - many people connected to hundreds of "sites" with simple dial-up modems. A LOT more was done than the industries ever realized. The "internet" centralized it where it became visible and made it a target.Pre-"It's mine and you can't use it" we had every monthly magazine publishing SOURCE CODE which was freely shared (remember @copyleft?) because people wanted to share and wanted to learn and wanted to share what they enjoyed.

The internet allowed us to do so on a much grander scale - because people want to share what they love and technology allows them to do so easier than ever before. (Try typing in 1000 lines of code out of a magazine with folds in it ... you really learn debugging!)

CULTURE comes from sharing what we love. "The Internet" is just the current mechanism for doing so. Go ahead and take it over. See what happens. Just as has been pointed out - DRM is broken in minutes; phones are jailbroken the day they come out; there is NO technology that can't be circumvented (laws that no one believes in are useless).

People will develop "another way". And, it will be harder to track, harder to find... and the companies will still be standing around wondering what happened and why no one is using their nearly useless service.

Adapt or Die.The net doesn't care.People don't care about the success or failure of YOUR business. They care about the things they enjoy. CULTURE is something which MUST BE shared and enjoyed. Locking it up will fail. EVERY. SINGLE. TIME.

Re: People will network

i will see your skepticism, and raise you my cynicism:

1. the field of play is changing beneath our feet, the persecution (no typo) of the aaron's (browning, manning, snowden, ALL of them) of the world is no anomaly, no rogue DA, etc; that IS the new world odor: order with an ardor...The They (tm) mean to make the trains run on time...

2. as i made the point previously: it doesn't matter if the cracking of DRM/etc is child's play, DESTROYING the child who did so will be/has been/shall be done to such 'cyber-terrorists'... hell, they'll make decompiling/reverse engineering a 'cyber-krime', and lock you away longer than a murderer...(oh, its a'comin', kampers...)3. i'm not sure the puppetmasters are so concerned about a darknet/bitcoin underground of 1% or less; they will control the propaganda/commerce going to 99%... the inertnet will become another tool of oppression and consumption...besides, that 1% will be de facto 'cyber-terrorists', thus subject to being shot on sight...with a bounty...yeah, picture that:hunger games, except you move among the populace, and they get paid a bounty on your head, dead or alive...more like escape from new york...except ain't no snake blisken gonna save your ass...from what i've read, it only takes about 4-5% of the sheeple to rise up on their hind legs and bare their fangs at Empire, to make a difference... only 4-5%...i KNOW there is at least 10 times that amount who are fed up with this bullshit...

Maybe this is my cynicism speaking but...

While the internet would suffer little long-term ill effects if hollywood and their crap disappeared from the net for good, those people receiving lavish dinners, exclusive screenings to up and coming movies, and offers of extremely lucrative 'potential future employment opportunities' would be hurting if hollywood suddenly took a dive like that, so that might be why so many people, who would otherwise be more sensible, consider hollywood to be more important to the internet than the other way around, they simply have a personal stake in it that's warping their perspective.

W3C lost its relevance

This is happening after the W3C lost a lot of its relevance. There was a time when the W3C was the place to go for Web standards: HTML 4, CSS, XML, and so on. Nowadays, the most relevant work is being done elsewhere; in particular, HTML 5 came from the WHATWG, not the W3C.

Re:

The one good thing about HTML 5 is that it isn't necessary for browsers to implement all features of it. This is what we're likely to see -- partial HTML 5 implementations. There's a lot of bad stuff in there that should be left out.

Re: Re:

The one good thing about HTML 5 is that it isn't necessary for browsers to implement all features of it.

At least until it gets market saturation. Then W3C will come out with a HTMLv5 verification tool which tests for specification compatibility and then make a huge deal about how your product doesn't meet its specification and your customers shouldn't use it until you invest the time and energy to implement all of the spec.

Re: Re: Re:

I've been using separate browsers for separate tasks for years. I don't see that people will have a problem installing a DRM-less version of Firefox or Opera to access social media, e-mail, web forums, etc., then using, let's say, Internet Explorer or Chrome for getting on Netflix.

The big issue would be commerce sites. I won't access my bank's web site using a broken DRM'ed-up browser, so these site operators need to be aware that they're risking migrations if they insist on people accessing their sites using an HTML5-compliant browser.

Re: Re: Re: Re:

I've been using separate browsers for separate tasks for years.

I have as well (if only because it is easier to deal with proxies that way, as in Firefox for anything that requires a proxy and Chrome for anything that doesn't.) However, I think this is the exception rather than the rule. Most of my family/friends know Internet Explorer or Firefox as "The Internet" and will call me occasionally to let me know that their internet is broken and ask me to stop by and help them fix it.

I won't access my bank's web site using a broken DRM'ed-up browser, so these site operators need to be aware that they're risking migrations if they insist on people accessing their sites using an HTML5-compliant browser.

Again, exception vs. rule. I was asked recently about this issue, specifically about how someone should know whether a website/browser/application has security risks and should be used to access online financial institutions or not. Most people use whatever browser is available to them, and may not have the know-how to determine what browser is "bank-safe" and what one isn't.

This is compounded by banks not knowing how to adequately design their websites (as my bank has written stupid JavaScript code to verify security which is itself, dangerous to security, a problem that they haven't quite figured out how to fix yet.) Since I turn off JavaScript when dealing with any non-whitelisted site, accessing my bank site allows me to log in, but then their security code fails to run, leaving me logged in but unable to access the site any further. When I enable JavaScript, the code fails to work properly on anything other than Internet Explorer 10/11, and thus I am still left in the same spot of logged in but unable to continue.

Banks should not use JavaScript, period, and certainly not for "authentication purposes." But banks should also not restrict their passwords to 8 characters with no special characters either or ask for stupid "what is your most favorite/best ____" verification questions (which, unless you write down the response, do very little to help with security verification since they often change based on your mood, time of day, etc.,) and many of them do.

Re: Re: Re: Re:

For a good long while, I only used Firefox. Increasingly over the past few years, though, the web has been retrograding so that some thing only work under Firefox, some only under Chrome, and some only under IE. It's like a blast from the past -- I have three browsers, each with their own list of bookmarks.

Re:

"I wonder how many open source browsers/os's will pop up with no html5 or go back to what it was prior to it."

There's no need for anything to "pop up." The source code for many older browsers is readily available.

And while I'm here ...Nothing these companies are doing prevents me from continuing to download and use whatever I want, whenever I want. The internet isn't dying; we're just witnessing an expansion of the underground user base and the increasing irrelevance of centralization.

Because it's MORAL for the producers to get rewarded for what THEY created.

Not your fat pirate slobs like Kim Dotcom.

I skipped reading the body, need only your headline to know where you went: the usual baseless assertions that greasy grifters must be cut in and pirates allowed to steal however much wished. Your "new business model" notions for content delivery on "teh internets" are complete vapor that doesn't take the easy unlimited stealing into account, and in any case, the producers have the entirety of the right because MADE the products. SO, though I regret the coming of DRM, it's entirely reasonable and necessary.

It's you little pirates who rabidly steal content to fill your empty minds that cause the increase of control. And that CRAP content is actually harmful to you, but you're addicted.Mike often tells us that he knows how teh internets work, but never really shows a grasp of human nature in practice, the fraud and control to gain money any way can.

Re: Because it's MORAL for the producers to get rewarded for what THEY created.

Re: Because it's MORAL for the producers to get rewarded for what THEY created.

I skipped reading the body, need only your headline to know where you went:

That's funny, I'd imagine most people would say the same thing about your comments. 'I skipped reading the comment, need only [see] your name to know where you went'.

And you and a handful of other people wonder why your comments get auto-reported all the time, when you practically brag about being unable or unwilling to read a post, yet have no problem going on your usual rants based entirely on what you assume it said... well, back to time-out for you.

Re: Because it's MORAL for the producers to get rewarded for what THEY created.

DRM encumbered streaming offerings will curb "piracy" in the same way that putting a locked door in a wall will stop people from climbing through the window.

Of course, the solution is to make the door locks more cumbersome and place them under high voltage. If that does not keep people from climbing through the window, maybe put a time lock on them? And play a recording telling people for 10 minutes what a bad idea it would be to climb through the window?

Re: Because it's MORAL for the producers to get rewarded for what THEY created.

"I skipped reading the body, "

Same to you, which is why you are auto-reported NO MATTER WHAT YOU SAY. You don't DESERVE the benefit of the doubt anymore, YOU are responsible for any "censoring" (as you call it, even though thats not what it is - its actually a PROTEST against you and you way of responding. Its an indictment, not censorship) that comes your way. Now, most people don't CARE what you have to say, they just hit "report" without reading because that is what you have EARNED.

Re: Re: Because it's MORAL for the producers to get rewarded for what THEY created.

Re: Because it's MORAL for the producers to get rewarded for what THEY created.

With the use of DRM, it becomes impossible for the creators to regain control of what they created, as the Publisher and between them can maintain control over all copies. DRM always increases the control that the publishers have over a creators work.

Re: Because it's MORAL for the producers to get rewarded for what THEY created.

"Not your fat pirate slobs like Kim Dotcom."

When you try to make a moral argument by insulting someone's physical appearance, you fail badly.

"I skipped reading the body, need only your headline to know where you went: the usual baseless assertions that greasy grifters must be cut in and pirates allowed to steal however much wished."

And this is why nobody here takes you seriously, and I doubt it's just us who feels this way. The article has nothing to do with your suggestion, and the fact that you're so far off base shows you're not nearly as clever as you think you are.

"SO, though I regret the coming of DRM, it's entirely reasonable and necessary."

That's sounds like something I'd expect to hear from a clueless politician! Please explain how something that has a long and sordid history of abject failure can be considered "reasonable and necessary".

Re: Because it's MORAL for the producers to get rewarded for what THEY created.

Bollox mate I work in movies and producers are universally talentless f******* with access to large piles of other peoples money. All the important stuff is done "below the line" and it is common to be screwed out of pennies by these assholes in amgs

One word - watermarks

No DRM but put the effort into individual watermarking at point of sale. Find a copy on file sharing sites - prosecute the originator.I.e. go for the provably guilty (if they really bother you) , leave the innocent alone.

Hollywood faces a demographics problem.

Hollywood faces a demographics problem. Even if we limit youtube to US citizens, 350,000,000, and give Hollywood the entire population of Los Angeles, 5,000,000, they face a 70 to 1 ratio. Then if we get real generous and say that Hollywood people are 10 times as productive as those outside Hollywood they still face a 7 to 1 ratio within the US. That means ignoring that most people in the world do not live in the US and that a large portion of Hollywood's most productive people come from outside Hollywood. (Think of New York, Canada, Australia, and Britain for actors and Nashville for musicians)

Makes me think of trying to hold back the tide.

Youtube also shows that the public is much more interested in each other than Hollywood is in rach of us. We create videos about flashmobs and cute animals because those are more relevant to us than the latest Marvel or Disney blockbuster.

Art and Science are SUPPOSED to make us think differently. Hollywood wants us to receive their "content" and then not discus it with anybody. That is insane. Whether the discussion includes excerps from the original or not is going to be difficult for even ab Orwellian state to determine.

To see the falsehood of copyright being REQUIRED for good content to be created you have only to look at fashion. No copyrights and yet they do several times what Hollywood does in dollar amounts. They have a few extremely wealthy individuals, many making only a few millions each year, millions barely supporting their efforts and even more millions struggling to get to the point of earning a full time living. Pretty much sounds the way Music spreads its wealth but without Hollywood leeches siphoning off 90% doesn't it ?

So if we get the same distribution without copyright why do we need welfare for leeches ?

The political power of Hollywood just doesn't match their economic value.

Even the box office returns for the highest-grossing films of all time are basically a rounding error by Silicon Valley standards. Entertainment is a tiny, tiny industry that enjoys very high visibility, But these guys are going to be in for a rude awakening when they finally get the sleeping giant to wake up.

Re: Re:

It's because Hollywood possesses glamor and appeals to popular tastes, two things politician lack and need if they want to get elected. Hollywood may not have all the money, but having a politician shake hands with a movie star on TV is priceless. Hollywood controls the mass media machine that the internet threatens.

Re: seems like a stupid argument to start from

Further to your argument, Hollywood most certainly does not need the internet as much as the internet needs Hollywood.

Considering that so many people here (who often slag hollywood movies) spend much of their time trying to pirate stuff, it's clear that the internet without hollywood (and other copyright material) would be a wasteland of people talking to each other about not much. Imagine nothing but facebook and stupid cat videos, and you have the idea.

Hollywood existed BEFORE the internet, and if you shut the net down completely tomorrow, Hollywood would still exist (and probably be more profitable than it is today). Hollywood has plenty of distribution WITHOUT the net, but without Hollywood, your subscription to Netflix wouldn't get you much - and thus rendering your internet access even more useless.

Put another way: the internet is a good distribution model on some levels, a pain in the ass on others. Hollywood makes their money today generally without it, so the entire premise of the article (based on the title) is just plain wrong - and shows a certain style of revisionist history required to make many of the arguments put forward here.

Re: Re: seems like a stupid argument to start from

You weren't around on the pre-mass-commercialization Internet, were you?

There was plenty of stuff then, albeit of rather different type from what there is now; if all the mass-commercialization sites went away, that could and likely would return, and there have been enough developments in user-generated content that there would likely be quite a bit beyond just "the old stuff" as well.

Re: seems like a stupid argument to start from

It's turning around an argument we hear from the major content producers all the time: the internet needs their content, and therefore it's worth harming the internet in exchange for them deigning to let it exist there.

As you rightly point out, it's a completely bogus argument. That's the point.

Only computing and communications, Hollywood keep out.

"But here's the thing: the internet wasn't built to be the next broadcast medium for big Hollywood blockbusters. It was built as a computing and communications platform. "

wow, how retrograde, do you honestly believe the 'internet' is a static and 'legacy industry' that is 'just a computing and communications platform', that new advances and technologies have no place on the internet, that is should not be used as a 'broadcast medium' for Hollywood, I guess we all should still be using BBS's and FTP/Telnet'ing around the world.

so we should be purists and only use the internet for what it was built for, nothing else.

Re: Only computing and communications, Hollywood keep out.

that new advances and technologies have no place on the internet

New "technologies" that cause harm to everything else the internet is used for do indeed have no place on the internet. If someone wants to use the internet to broadcast without causing such harm, there' no problem with that.

It's not a retrograde position at all. Quite the opposite: it's a position that seeks to maintain the value of the internet and to ensure that it remains a viable platform for innovation.

CCS

I can understand why NetFlix is pushing for this DRM which should be correctly called a Content Control System. This is because NetFlix is denied key PPV events all the time their streams can be easily ripped and distributed.

So I can sympathise with them in what should be a natural expansion of their business but at the same time while I consider NetFlix use "fair" I can also recognize the danger in that priority use events can soon become general use inflicting all media.

The article is correct that this would turn HTML into a huge broadcast system which in the longer term would restrict the free flow of information.

I would believe NetFlix would win this one when general user communication is not being blocked making this a new layer. My only doubt if the HTML specification is the right place for DRM when they should really be doing this themselves in their player or plug-in.

Re: CCS

My only doubt if the HTML specification is the right place for DRM when they should really be doing this themselves in their player or plug-in.

Which is what they currently do!

I hadn't heard that Netflix wanted to get into the PPV game. That would be a really weird area for them to get into, since they don't currently have the payment infrastructure in place such a thing. It's not impossible, though.

However, adding DRM to the HTML spec does not solve the problem you cite. Netflix would still have to distribute a plugin to do the actual encryption, and there is nothing crypto-wise that they could do with EME that they can't do right now with Silverlight.

Netflix' interest in this is really simple, and only tangential to crypto -- they want to be able to stop using Silverlight.

Ummm...

Re: Ummm...

All the cool kids are there. To change the situation, we need to create a new table and get the cool kids to eat there. Of course, the uncool people will wander over and try to join... how in the world will we keep them out?

Who owns the internet - US not the W3C

Lets just get that out in the air. The W3C is not the owner of the internet. The internet is a public space. They are being talked about like they have almighty power over the internet - they do not and if they step out of line with the public's desires for the plan of the internet then they should and can be removed as any kind of authority. The only thing is for people to realize that the W3C does not have that kind of right or power (to grant or deny the MPAA's wishes. for example) over what the public wants and expects from them - according to their credo. Someone at the W3C is making a move to see if they can get away with positioning themselves as the "Boss of the Internet" - all we need to do is remind him that WE are the boss of the Internet, and remove him and the Mpaa completely.